Microsoft Defender for Cloud Apps (formerly Microsoft Cloud App Security) is a multimode cloud access security broker.
N/A
Palo Alto Networks Prisma Access
Score 8.9 out of 10
N/A
GlobalProtect™
delivers the protection of next-generation security platform to the mobile
workforce in order to stop targeted cyberattacks, evasive application
traffic, phishing, malicious websites, command-and-control traffic, and known
and unknown threats.
The feature that helps us in detecting the sensitive information being shared has been very useful. In addition, the feature that allows [Microsoft Cloud App Security] to apply policies with SharePoint, Teams, and OneDrive is being used predominantly. It is a kind of unified solution. As compared to other solutions such as Netskope, Symantec, or McAfee, it provides a more unified reporting structure. It also integrates with other technologies. We have Azure Information Protection, and it goes well with the solutions that we are already using.
Depending on the complexity of your equipment, devices, the network you are with, the size of your company, or the budget you are willing to pay, you should consider buying Prisma. I have in mind that it is a tool to make the leap to extra security for your devices; it is a complex tool that cannot be learned in a single day. Without a doubt, I would recommend her to a company that has a proven track record and knows what it wants.
It has created another area for us to manage some of the internet traffic for our users. Sites being open on-site and not on remote access or vice versa.
In general, the certificates are easier to handle than while on Cisco solution, it is still a pain to get the remote device a cert in place if it has "broken."
We would like to lock in the ability of which gateway we use to connect to the network. While it's not been an issue for us we have seen some oddness when using a different gateway than the preferred one.
The interface is pretty simple and easy to use; however, you will need to do a lot of investigative research on your own to get comfortable with it. Originally, many of the Microsoft security tools had their own seperate consoles. Overtime, they have blended into one interface which is the ideal state. In some cases it is clear Microsoft had to pick which console a certain feature or setting was going to reside in and this leads to some confusion. For example, DLP is managed through Defender for Cloud Apps but you will also need to jump into Purview. For things like reverse proxy on your M365 tenant, you will need to go into Azure and setup conditional access rules. Not a big problem and I can understand why the settings are located where they are but for someone just starting out with Defender for Cloud Apps, it will take some time to figure out.
I still say that Palo Alto Networks Prisma Access is the best. I love their GUI, their policies are easy to manage, the sales team is VERY helpful (especially when support is not). I still recommend them to everyone I talk to.
I have not utilized actual support but the Sales and Product teams have been super helpful in moving our implementation forward and showing us the best practices.
More flexible and more features with easy integration with cloud services like Microsoft Azure and other cloud services. Overall both gives similar features but we prefer Microsoft cloud app security due to its high threat detection rate. mostly we have been able to stop the threat in very very less time.
Palo Alto Networks Prisma Access is better than all the choices we looked at. With our in-house knowledge, ease of use, and Palo track record for innovating and having excellent security, it was a no-brainer to go with Palo Alto Networks Prisma Access. That being said, watch out for Cato.
Cloud App Security saves us thousands of dollars finding and rectifying apps security issues
Identity Security Posture helps the organization identity stay in shape, saving thousands of dollars on security consultations
The cost of suffering a breach cannot be quantified, CAS helps minimize the chances of the attackers succeeding, with excellent historical logging for most operations
